Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been legally defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.
An identity document is any document that may be used to prove a person's identity. If issued in a small, standard credit card size form, it is usually called an identity card, or passport card. Some countries issue formal identity documents, as national identification cards that may be compulsory or non-compulsory, while others may require identity verification using regional identification or informal documents. When the identity document incorporates a person's photograph, it may be called photo ID.
Identity management (IdM), also known as identity and access management, is a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and data management. Identity and access management systems not only identify, authenticate, and control access for individuals who will be utilizing IT resources but also the hardware and applications employees need to access.
A national identification number, national identity number, or national insurance number or JMBG/EMBG is used by the governments of many countries as a means of tracking their citizens, permanent residents, and temporary residents for the purposes of work, taxation, government benefits, health care, and other governmentally-related functions.
Digital identity is the phrase referring to the data that computer systems use to identify individuals, organizations, applications, or devices. For individuals, it involves the collection of personal data that is essential for facilitating automated access to digital services, confirming one's identity on the internet, and allowing digital systems to manage interactions between different parties. It is a component of a person's social identity in the digital realm, often referred to as their online identity.
Personal data, also known as personal information or personally identifiable information (PII), is any information related to an identifiable person.
Information sensitivity is the control of access to information or knowledge that might result in loss of an advantage or level of security if disclosed to others.
Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing.
Protected health information (PHI) under U.S. law is any information about health status, provision of health care, or payment for health care that is created or collected by a Covered Entity, and can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient's medical record or payment history.
Privacy-enhancing technologies (PET) are technologies that embody fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals. PETs allow online users to protect the privacy of their personally identifiable information (PII), which is often provided to and handled by services or applications. PETs use techniques to minimize an information system's possession of personal data without losing functionality. Generally speaking, PETs can be categorized as either hard or soft privacy technologies.
The Personal Data Privacy and Security Act of 2009, was a bill proposed in the United States Congress to increase protection of personally identifiable information by private companies and government agencies, set guidelines and restrictions on personal data sharing by data brokers, and to enhance criminal penalty for identity theft and other violations of data privacy and security. The bill was sponsored in the United States Senate by Patrick Leahy (Democrat-Vermont), where it is known as S.1490.
De-identification is the process used to prevent someone's personal identity from being revealed. For example, data produced during human subject research might be de-identified to preserve the privacy of research participants. Biological data may be de-identified in order to comply with HIPAA regulations that define and stipulate patient privacy laws.
The Ghana Card is the national Identity card that is issued by the Ghanaian authorities to Ghanaian citizens – both resident and non-resident, legal and permanent residents of foreign nationals. It is proof of identity, citizenship and residence of the holder. The current version is in ID1 format and biometric. It is issued by the National Identification Authority of Ghana and Regarded as a property of the country as such. In July 2023, through the initiative of the Vice President, Dr. Mahamudu Bawumia, new card numbers were issued to newborn babies as part of pilot program to incorporate newborn babies unto the database.
The Lebanese identity card is a compulsory Identity document issued to citizens of the Republic of Lebanon by the police on behalf of the Lebanese Ministry of Interior or in Lebanese embassies/consulates (abroad) free of charge. It is proof of identity, citizenship and residence of the Lebanese citizens.
Quasi-identifiers are pieces of information that are not of themselves unique identifiers, but are sufficiently well correlated with an entity that they can be combined with other quasi-identifiers to create a unique identifier.
The following outline is provided as an overview of and topical guide to computer security:
Data re-identification or de-anonymization is the practice of matching anonymous data with publicly available information, or auxiliary data, in order to discover the person the data belong to. This is a concern because companies with privacy policies, health care providers, and financial institutions may release the data they collect after the data has gone through the de-identification process.
The gathering of personally identifiable information (PII) is the practice of collecting public and private personal data that can be used to identify an individual for both legal and illegal applications. PII owners often view PII gathering as a threat and violation of their privacy. Meanwhile, entities such as information technology companies, governments, and organizations use PII for data analysis of consumer shopping behaviors, political preference, and personal interests.
The Documento Nacional de Identidad (DNI) (Spanish for 'National Identity Document') is the only personal identity card recognized by the Peruvian Government for all civil, commercial, administrative, judicial acts and, in general, for all those cases in which, by legal mandate, it must be presented. It is a public document, personal, and non-transferable and also constitutes the only title of right to the suffrage of the person in whose favor it has been granted. Its issuance is in charge of the National Registry of Identification and Civil Status (RENIEC).
The Personal Information Protection Law of the People's Republic of China referred to as the Personal Information Protection Law or ("PIPL") protecting personal information rights and interests, standardize personal information handling activities, and promote the rational use of personal information. It also addresses the transfer of personal data outside of China.
